Spectre-V2 mitigation in Linux Kernel 4.20 RC & 4.19.2 can make Linux on Intel CPUs significantly slower

in linux •  6 years ago 

If it wasn't clear before, Spectre & Meltdown, the security issues that effect mostly Intel CPUs but also to a much lesser degree other CPUs like ARM and AMD, are the worst security issues found in CPUs so far and there is no end it sight to the problems these issues cause.

Screenshot_2018-11-20 Meltdown and Spectre.png

The fixes however are not simple and straightforward and researchers come up with new variants of Spectre & Meltdown all the time. Just last week it was reported that researchers have found another seven variants of Spectre & Meltdown, with working proof of concept attacks.

The fixes for the issues already had a huge performance impact for cloud servers, Epic Games for example announced they saw a significant performance impact on the servers for their flagship game Fortnite.

For end users however on their desktop computers, the performance hit hasn't been as dramatic. That might just be about to change. STIBP (Single Thread Indirect Branch Preditors) was turned on by default in the release candidate of the Linux Kernel version 4.20 to mitigate Spectre-V2, but that seems to make computers running Linux on Intel processors significantly slower, up to 50% depending on the task. Phoronix released an extensive benchmark and another one specific for gaming on Linux under Kernel 4.20.

Linus Torvalds, the creator of the Linux kernel, is of course already on the case and says:

This was marked for stable, and honestly, nowhere in the discussion
did I see any mention of just how bad the performance impact of this
was.

When performance goes down by 50% on some loads, people need to start
asking themselves whether it was worth it. It's apparently better to
just disable SMT entirely, which is what security-conscious people do
anyway.

So why do that STIBP slow-down by default when the people who really
care already disabled SMT?

I think we should use the same logic as for L1TF: we default to
something that doesn't kill performance. Warn once about it, and let
the crazy people say "I'd rather take a 50% performance hit than
worry about a theoretical issue".

Linus

Another Kernel developer suggested to just revert the patch completely, and someone speaking for Intel said STIBP should not be turned on by default, and only used surgically where it is really needed. Following the discussion in the linked mailing list thread, it seems like there will be an option going forward, where STIBP is disabled by default but processes that need the added security despite the huge performance hit can ask the Kernel to enable it.

According to phoronix, Kernel 4.20 is supposed to ship in December or January, so there is some time left for the Linux developers to figure out the best way to solve this issue.

The problem now however as phoronix explains it is that the patch was already backported and released with Kernel 4.19.2, so if you use that Kernel, your system is already affected by the performance decrease.

Note: Just to be clear, I'm neither a Kernel developer nor a security expert, this topic is way above my pay grade, so don't depend on what I write about Spectre & Meltdown, check out the sources I link to so you can be sure the information is correct and wasn't lost in translation from Kernel hacker to layman.

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!